When Americans head to the polls in a few weeks for the 2018 midterm elections, voters in 36 states will use insecure electronic voting machines. Results for those machines could be easily modified by an attacker--even though leading voting security experts have made clear what best practices for voting security ought to look like.

A new report on voting machine security from the National Academies of Science, Engineering and Medicine lays out the consensus opinion of dozens of leading experts. Voting machine security expert Matt Blaze's 2017 testimony before Congress painted the solution in vivid colors: use paper ballots, counted with optical scanners, and double-checked with risk-limiting audits. Oh--and avoid online voting and anything that uses the word blockchain.

Despite the growing howl from security experts, state and local governments are dragging their feet. A Georgia state judge went so far as to accuse that state's election's officials of having their "head in the sand." Georgia is one of five states that use voting machines that offer no paper audit trail of any kind.

Why are state election officials not prioritizing election security when security best practices are well-understood and deployable at modest expense? Well, you'll have to ask your elected representatives that. Here are the three best practices that could be implemented relatively easily to ensure trustworthy elections.